[Fedora-directory-commits] ldapserver/ldap/servers/slapd util.c, 1.24, 1.25
Richard Allen Megginson
rmeggins at fedoraproject.org
Wed Jan 7 02:33:40 UTC 2009
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29276/ldapserver/ldap/servers/slapd
Modified Files:
util.c
Log Message:
Resolves: bug 479077
Bug Description: Server to Server SASL/DIGEST-MD5 not Supported over SSL/TLS
Reviewed by: nkinder (Thanks!)
Fix Description: If using TLS/SSL, we don't need to use a sasl security layer, so just set the maxssf to 0.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
Index: util.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/util.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- util.c 6 Jan 2009 22:50:30 -0000 1.24
+++ util.c 7 Jan 2009 02:33:37 -0000 1.25
@@ -1257,6 +1257,10 @@
}
}
} else {
+ /* a SASL mech - set the sasl ssf to 0 if using TLS/SSL */
+ if (secure) {
+ ldap_set_option(ld, LDAP_OPT_X_SASL_SECPROPS, "maxssf=0");
+ }
rc = slapd_ldap_sasl_interactive_bind(ld, bindid, creds, mech,
serverctrls, returnedctrls,
msgidp);
More information about the Fedora-directory-commits
mailing list